The most important decision a company will make about cybersecurity is its priority. Without support from the very top, an organization’s security staff will never get the resources necessary to adequately protect the company. Unfortunately, the board of directors and C-suite have historically been at odds with their own company’s security leaders when it comes to the importance of cybersecurity.
Lack of Top Level Support a Huge Security Impediment
A report published by The Economist Intelligence Unit in 2016 titled “The cyber-chasm: How the disconnect between the C-suite and security endangers the enterprise” highlights the security chasm between top leaders and those tasked with securing the organization. The study asserts that corporate leadership and security executives do not share the same commitment to cybersecurity, finding that cybersecurity ranks as the number one priority for security leaders, but only number nine for the C-suite. Despite years of news reports about destructive data breaches at leading firms, security ranks near the bottom of the C-suite’s priority list. Only 5% of C-suite executives consider it the highest priority corporate initiative—second to last on a list of ten major corporate initiatives. Research by Deloitte also emphasized the lack of support for cybersecurity at the board level, finding that just one in twenty boards (5%) have any cybersecurity experience among their members. The Deloitte study also revealed that board of directors are often aware of cybersecurity problems, but show no evidence that they are tackling them.
The Gap is Closing – Slowly
The good news is that recently, there’s evidence that the gap between security leaders and top-level management regarding security is slowly closing...
From Bert Rankin
Lack of Top Level Support a Huge Security Impediment
A report published by The Economist Intelligence Unit in 2016 titled “The cyber-chasm: How the disconnect between the C-suite and security endangers the enterprise” highlights the security chasm between top leaders and those tasked with securing the organization. The study asserts that corporate leadership and security executives do not share the same commitment to cybersecurity, finding that cybersecurity ranks as the number one priority for security leaders, but only number nine for the C-suite. Despite years of news reports about destructive data breaches at leading firms, security ranks near the bottom of the C-suite’s priority list. Only 5% of C-suite executives consider it the highest priority corporate initiative—second to last on a list of ten major corporate initiatives. Research by Deloitte also emphasized the lack of support for cybersecurity at the board level, finding that just one in twenty boards (5%) have any cybersecurity experience among their members. The Deloitte study also revealed that board of directors are often aware of cybersecurity problems, but show no evidence that they are tackling them.
The Gap is Closing – Slowly
The good news is that recently, there’s evidence that the gap between security leaders and top-level management regarding security is slowly closing...
From Bert Rankin
RSS Feed